Community Learn Tools Library Leisure

English

Home > Web Front-end > JS Tutorial > ASP SQL injection prevention method_jquery

ASP SQL injection prevention method_jquery

WBOY

Release： 2016-05-16 18:57:12

Original

1500 people have browsed it

Below we will introduce another method to prevent SQL injection attacks in ASP. This method is not only applicable in ASP, but can actually be used in any language that uses the ADO object model to interact with the database. To be precise, it is called ADO-based. The object model approach to preventing SQL injection may be more appropriate. Okay, without further ado, let’s take a look at the code

Copy the code The code is as follows:

Dim conn,cmd,pra 
set conn=server.createobject("adodb.connection") 
conn.Open "…………" 'The database connection word is omitted here

set cmd=server. createobject("adodb.Command") 
set pra=server.createobject("adodb.Parameter") 
cmd.ActiveConnection = conn 

cmd.CommandText = "update news set title=? where id =?" 
cmd.CommandType = adCmdText 

Set pra = cmd.CreateParameter("title", adVarWChar, adParamInput, 50, "1'2'3") 
cmd.Parameters. Append pra 

Set pra = cmd.CreateParameter("id", adInteger, adParamInput, , 10) 
cmd.Parameters.Append pra 

cmd.Execute

The id field of the news table is of type Integer, and the title field is of type nvarchar(50). The result of the execution is to change the content of the title field of the record with the id field of 10 in the news table to "1'2'3 "

Related labels：

asp sql Anti-injection

source：php.cn

Previous article：Verification of js implementation, learn to use js to control td_javascript skills Next article：Don’t underestimate the security issues caused by commented out JS_javascript tips

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

What is a NullPointerException, and how do I fix it?

2024-10-22 09:46:29
From Novice to Coder: Your Journey Begins with C Fundamentals

2024-10-13 13:53:41
Unlocking Web Development with PHP: A Beginner's Guide

2024-10-12 12:15:51
Demystifying C: A Clear and Simple Path for New Programmers

2024-10-11 22:47:31
Unlock Your Coding Potential: C Programming for Absolute Beginners

2024-10-11 19:36:51
Unleash Your Inner Programmer: C for Absolute Beginners

2024-10-11 15:50:41
Automate Your Life with C: Scripts and Tools for Beginners

2024-10-11 15:07:41
PHP Made Easy: Your First Steps in Web Development

2024-10-11 14:21:21
Build Anything with Python: A Beginner's Guide to Unleashing Your Creativity

2024-10-11 12:59:11
The Key to Coding: Unlocking the Power of Python for Beginners

2024-10-11 12:17:31

Latest Issues

Possibility to store ASP Classic code as string in MYSQL database Is it possible to store asp classic code into a MySQL database and have it execute the cod...

From 2024-04-06 13:38:43

0

1

358

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template